andykimpe / rpms / 389-ds-base

Forked from rpms/389-ds-base 5 months ago
Clone
Blob Blame History Raw
From 85e5ebbddf2a9b39376b7bc3b1529d6f170b907e Mon Sep 17 00:00:00 2001
From: Noriko Hosoi <nhosoi@redhat.com>
Date: Thu, 25 Sep 2014 14:43:16 -0700
Subject: [PATCH 14/14] Ticket 47880 - CI test: added test cases for ticket
 47880

Description: Ticket #47880 - provide enabled ciphers as search result

https://fedorahosted.org/389/ticket/47880
(cherry picked from commit ce7378990855abe1a5b52cd4fbe78ffc33365dcb)
(cherry picked from commit b922e5d8387535a8bd71bbcea821ba08608d27c2)
---
 dirsrvtests/tickets/ticket47838_test.py | 46 ++++++++++++++++++++++++++++++++-
 1 file changed, 45 insertions(+), 1 deletion(-)

diff --git a/dirsrvtests/tickets/ticket47838_test.py b/dirsrvtests/tickets/ticket47838_test.py
index 1575376..c98c36e 100644
--- a/dirsrvtests/tickets/ticket47838_test.py
+++ b/dirsrvtests/tickets/ticket47838_test.py
@@ -216,6 +216,24 @@ def test_ticket47838_init(topology):
                                               'nsSSLToken': 'internal (software)',
                                               'nsSSLActivation': 'on'})))
 
+def comp_nsSSLEnableCipherCount(topology, ecount):
+    """
+    Check nsSSLEnabledCipher count with ecount
+    """
+    log.info("Checking nsSSLEnabledCiphers...")
+    msgid = topology.standalone.search_ext(ENCRYPTION_DN, ldap.SCOPE_BASE, 'cn=*', ['nsSSLEnabledCiphers'])
+    enabledciphercnt = 0
+    rtype, rdata, rmsgid = topology.standalone.result2(msgid)
+    topology.standalone.log.info("%d results" % len(rdata))
+
+    topology.standalone.log.info("Results:")
+    for dn, attrs in rdata:
+        topology.standalone.log.info("dn: %s" % dn)
+        if attrs.has_key('nsSSLEnabledCiphers'):
+            enabledciphercnt = len(attrs['nsSSLEnabledCiphers'])
+    topology.standalone.log.info("enabledCipherCount: %d" % enabledciphercnt)
+    assert ecount == enabledciphercnt
+
 def test_ticket47838_run_0(topology):
     """
     Check nsSSL3Ciphers: +all
@@ -248,6 +266,8 @@ def test_ticket47838_run_0(topology):
     log.info("Weak ciphers: %d" % wcount)
     assert wcount <= 29
 
+    comp_nsSSLEnableCipherCount(topology, ecount)
+
 def test_ticket47838_run_1(topology):
     """
     Check nsSSL3Ciphers: +all
@@ -287,6 +307,8 @@ def test_ticket47838_run_1(topology):
     log.info("Weak ciphers: %d" % wcount)
     assert wcount <= 29
 
+    comp_nsSSLEnableCipherCount(topology, ecount)
+
 def test_ticket47838_run_2(topology):
     """
     Check nsSSL3Ciphers: +rsa_aes_128_sha,+rsa_aes_256_sha
@@ -316,6 +338,8 @@ def test_ticket47838_run_2(topology):
     assert ecount == 2
     assert dcount == (plus_all_ecount + plus_all_dcount - ecount)
 
+    comp_nsSSLEnableCipherCount(topology, ecount)
+
 def test_ticket47838_run_3(topology):
     """
     Check nsSSL3Ciphers: -all
@@ -344,6 +368,8 @@ def test_ticket47838_run_3(topology):
     log.info("Disabling SSL message?: %s" % disabledmsg.readline())
     assert disabledmsg != ''
 
+    comp_nsSSLEnableCipherCount(topology, ecount)
+
 def test_ticket47838_run_4(topology):
     """
     Check no nsSSL3Ciphers
@@ -377,6 +403,8 @@ def test_ticket47838_run_4(topology):
     log.info("Weak ciphers in the default setting: %d" % wcount)
     assert wcount == 0
 
+    comp_nsSSLEnableCipherCount(topology, ecount)
+
 def test_ticket47838_run_5(topology):
     """
     Check nsSSL3Ciphers: default
@@ -410,6 +438,8 @@ def test_ticket47838_run_5(topology):
     log.info("Weak ciphers in the default setting: %d" % wcount)
     assert wcount == 0
 
+    comp_nsSSLEnableCipherCount(topology, ecount)
+
 def test_ticket47838_run_6(topology):
     """
     Check nssSSL3Chiphers: +all,-rsa_rc4_128_md5
@@ -441,6 +471,8 @@ def test_ticket47838_run_6(topology):
     assert ecount == (plus_all_ecount_noweak - 1)
     assert dcount == (plus_all_dcount_noweak + 1)
 
+    comp_nsSSLEnableCipherCount(topology, ecount)
+
 def test_ticket47838_run_7(topology):
     """
     Check nssSSL3Chiphers: -all,+rsa_rc4_128_md5
@@ -470,6 +502,8 @@ def test_ticket47838_run_7(topology):
     assert ecount == 1
     assert dcount == (plus_all_ecount + plus_all_dcount - ecount)
 
+    comp_nsSSLEnableCipherCount(topology, ecount)
+
 def test_ticket47838_run_8(topology):
     """
     Check nsSSL3Ciphers: default + allowWeakCipher: off
@@ -503,6 +537,8 @@ def test_ticket47838_run_8(topology):
     log.info("Weak ciphers in the default setting: %d" % wcount)
     assert wcount == 0
 
+    comp_nsSSLEnableCipherCount(topology, ecount)
+
 def test_ticket47838_run_9(topology):
     """
     Check no nsSSL3Ciphers
@@ -537,6 +573,8 @@ def test_ticket47838_run_9(topology):
     log.info("Weak ciphers in the default setting: %d" % wcount)
     assert wcount == 11
 
+    comp_nsSSLEnableCipherCount(topology, ecount)
+
 def test_ticket47838_run_10(topology):
     """
     Check nssSSL3Chiphers: -TLS_RSA_WITH_NULL_MD5,+TLS_RSA_WITH_RC4_128_MD5,
@@ -579,6 +617,8 @@ def test_ticket47838_run_10(topology):
 
     topology.standalone.log.info("ticket47838 was successfully verified.");
 
+    comp_nsSSLEnableCipherCount(topology, ecount)
+
 def test_ticket47838_run_11(topology):
     """
     Check nssSSL3Chiphers: +fortezza
@@ -603,6 +643,8 @@ def test_ticket47838_run_11(topology):
         log.info("Expected error message was not found")
         assert False
 
+    comp_nsSSLEnableCipherCount(topology, 0)
+
 def test_ticket47838_run_last(topology):
     """
     Check nssSSL3Chiphers: all <== invalid value
@@ -627,7 +669,9 @@ def test_ticket47838_run_last(topology):
         log.info("Expected error message was not found")
         assert False
 
-    topology.standalone.log.info("ticket47838 was successfully verified.");
+    comp_nsSSLEnableCipherCount(topology, 0)
+
+    topology.standalone.log.info("ticket47838, 47880, 47908 were successfully verified.");
 
 def test_ticket47838_final(topology):
     topology.standalone.simple_bind_s(DN_DM, PASSWORD)
-- 
1.9.3